Ethical H ackin g an d
C
t
Coun term easures
Version 6
M o d u le X LVI
M o d u le X LVI
Securin g Laptop
Com puters
Module Objective
Thi d l ill f ili i ith
• Laptop threats
L Th f S i i
This m odule will fam iliarize you with:
• Laptop Theft Statistics • Fin gerprin t Reader
• Protectin g Laptops through Face Recogn ition • Bluetooth in Laptopsp p
• Tools
• Securin g from Physical Laptop thefts • H ardware Security for Laptops
Protectin g the Sen sitive data • Protectin g the Sen sitive data
• Preven tin g Laptop Com m un ication s from Wireless Threats • Protectin g the Stolen Laptops From Bein g Used
Module Flow
Laptop threats Securin g from Physical
Laptop thefts
Laptop Theft Statistics H ardware Security for
Laptops
p p
Fin gerprin t Reader Protectin g the Sen sitive data
Protectin g Laptops through Face Recogn ition
Preven tin g Laptop Com m un ication s from Wireless Threats
Bluetooth in Laptop Protectin g the Stolen Laptops
From Bein g Used
Statistics for Stolen an d
Recovered Laptops
Statistics on Security
Percen tage of Organ ization s
Laptop Threats
Physical Security
• Crim in als target laptops for quick profits an d m isuse of the con fiden tial data
• Laptops con tain in g person al an d corporate in form ation can p p g p p be hacked by the attackers an d used for their profits
In form ation Security
• Corruptin g, destroyin g, or gain in g access to a Laptop through hackin g, m alicious program s, or social en gin eerin g
• Accessin g the data through weak passwords an d open access • Application security an d vuln erabilities to attack the
vuln erable application
• Attackin g the laptops with un en crypted data an d un protected file system s
C i h d h h bl d i
Laptop Threats (con t’d)
Wireless Security
• In terceptin g an d m on itorin g wireless traffic through various sn iffer tools an d in terception software
y
• Packet in sertion an d hijackin g attacks in to the sn iffed wireless traffic
• J am m in g is used where the attacker uses differen t wireless devices at differen t frequen cies which q creates radio frequen cy in terferen ces for an y wireless n etwork in vicin ity
• Peer to peer attacks is perform ed by usin g Ad H oc m ode
• Man in the m iddle attack
• Wi-phishin g is used by hijackers to setup an
access poin t with SSID that is used by default on m ost access poin ts
Laptop Theft
f l
l
If a laptop were lost...
• What in form ation of a strategic n ature would be disclosed? Real exam ples of this type of in form ation in clude pen din g m ergers, n ew product in tellectual property, strategies an d laun ch plan s an d previously un disclosed fin an cial
laun ch plan s, an d previously un disclosed fin an cial operatin g results
• What in form ation of a tactical n ature would be disclosed? Exam ples in clude private com pen sation in form ation , plan s for organ ization al chan ges, proposals to clien ts, an d the m yriad of sim ilar in form ation that can be gain ed from
Laptop Theft (con t’d)
If a laptop were lost...
• What in form ation about the com pan y's n etwork or
com putin g in frastructure would be revealed that would facilitate an electron ic attack?
Exam ples of this type of in form ation in clude usern am es an d passwords, dial in n um bers, IP addressin g schem es, DNS n am in g con ven tion s, ISPs used, prim ary m ail servers, an d other n etworkin g details related to con n ectin g the laptop to other n etworkin g details related to con n ectin g the laptop to the corporate or In tern et en viron m en t.
• What person al in form ation about the laptop own er can be bt i d?
Fin gerprin t Reader
Fin gerprin t Reader en ables the user to access the Fin gerprin t Reader en ables the user to access the laptop in a m ore secured an d easy way
It provides higher level of security while accessin g the data or n etwork
BioNet 2 laptop fin gerprin t reader design ed from Biom etric fin gerprin t reader is specially used for portable storage devices such as laptops an d PDAs portable storage devices such as laptops an d PDAs
It offers secured access to the application s like,
Protectin g Laptops Through Face
Recogn ition
Recogn ition
Face Recogn ition techn ology is used to access authen tication on the laptop by recogn izin g the face as the password
laptop by recogn izin g the face as the password
It takes the sn apshot of the user an d creates digital shots which serve as the password
It supports m ultiple users to allow trusted on es to access the laptop
Features:
• Advan ced Face recogn ition software via In tegrated Cam era for authen ticatin g user • On e-key recovery helps to recover operatin g
Bluetooth in Laptops
Bluetooth en ables two laptop devices to con n ect with
h h i h f bl d i
each other n egatin g the usage of cables an d wires
A Bluetooth en abled laptop tries to pair with an other
i d d l b i h k d i
in ten ded laptop but n ot with an un kn own device
The Bluetooth laptop devices create an in itialization key PIN code or passkey used for authen tication
Attacker can sn iff this session to access the data Attacker can sn iff this session to access the data
Laptop Security
Laptops can be secured physically from bein g stolen or
Laptops can be secured physically from bein g stolen or
lost by usin g security tools
Laptop Security Tools
Steel Cable Locks Laptop Tie-down Brackets
LapSafe laptop trolley
Laptop Alarm
Laptop Alarm will em it a loud alarm when ever som eon e
l
l
tries to steal your laptop
It em its the loud soun d on
• A/ C Power Rem oval • Mouse Rem oval
It em its the loud soun d on
Flexysafe
Flexysafe is the laptops safe security case Flexysafe is the laptops safe security case
Master Lock
Master Lock paten ted lock an d cable system
Features
• Locks n otebook com puter to preven t theft an d protect data
eToken
eToken represen ts the m ost effective
eToken represen ts the m ost effective
com bin ation for protectin g data on your
laptops
It is a stron g authen tication , with disk
en cryption an d boot-protection solution
A sm art card-based stron g authen tication
solution en sures PC an d laptop security
with two key com pon en ts
with two key com pon en ts
• Physical protection of the en cryption keys • User authen tication prior to en cryption key
STOP-Lock
STOP-Lock com bin es trackin g system with a lockin g
h
i
h l d
hi
m echan ism to help deter thieves
It is a highly-visible sm all m etal plate that attaches securely to
g y
p
y
the cover of the laptop
True Crypt
Free open -source disk en cryption software
Features
• Creates a virtual en crypted disk within a file an d m oun ts it as a real disk
• En crypts an en tire partition or storage • En crypts an en tire partition or storage device such as USB flash drive or hard drive
• Provides two levels of plausible
d i bili i d f
den iability, in case an adversary forces you to reveal the password
PAL PC Tracker
PAL PC tracker will track an d locate the lost or stolen com puter PAL PC tracker will track an d locate the lost or stolen com puter
It sen ds stealth sign al which in clude the user’s com puter tracing g p g details
Cryptex
Cryptex provides an un breakable, 448 -bit en cryption data storage on l t
laptops
It keeps the data safe by creatin g an en cryptin g vault on the hard drive
Dekart Private Disk Multifactor
Private Disk Multifactor is a disk en cryption program that secures fid ti l d t l t
con fiden tial data on laptops
It provides proactive protection again st viruses, Trojan s, adware, spyware an d un authorized n etwork access
spyware, an d un authorized n etwork access
Sen sitive data is n ot on ly en crypted, but are protected with Dekart's in n ovative Disk Firewall m echan ism
Laptop An ti-Theft
L t A ti Th ft i d t th h
Laptop An ti-Theft recogn izes an d traces through both in tern al an d extern al n etworks for LAN/ WAN con figuration s to pin poin t actual location of the lost or stolen laptop
On ce in stalled in visibly on your laptop system , Laptop An ti-Theft sen ds a stealth e-m ail m essage p p g con tain in g it's exact location to a prdeterm in ed e-m ail address set by the own er
In spice Trace
In spice Trace is a
location trackin g
program that em ails you
program that em ails you
the precise location of
your stolen or lost laptop
It lets you un recoverably
destroy sen sitive data in
l
t
i
f
ZTRACE GOLD
ZTRACE GOLD is an in visible software security
application that traces the location of m issin g laptops application that traces the location of m issin g laptops for recovery
It is un detectable an d un erasable on a laptop's hard drive
If the laptop is reported m issin g, a paten t pen din g process occurs for the ZTRACE Recovery Team to iden tify the com puter's exact physical locationy p p y
SecureTrieve Pro
SecureTrieve Pro is a software tool that en crypts,
d i
i i
l
fil
f
l
protects an d retrieves critical files from a lost or
stolen laptop
It autom atically retrieves critical files rem otely
from your m issin g laptop
It offers very powerful en cryption capabilities
It goes through firewalls to fin d the exact location
of your stolen laptop
XTool Laptop Tracker
XTool Laptop Tracker supports all the recovery th d I t t C ll ID WiFi W bC GPS m ethods: In tern et, Caller ID, WiFi, WebCam , GPS, Rem ote Foren sic Tools
It can n ot be detected by an ti-virus program s an d can bypass 90 % of all corporate an d person al firewalls
XTool Laptop Tracker Agen t is sm all an d uses
en cryption to tran sm it the collected data to the XTool Mon itorin g Cen ter
Mon itorin g Cen ter
XTool Laptop Tracker:
Screen shot
XTool En crypted Disk
XTool En crypted Disk is a cen trally m an aged proactive rem ote
XTool En crypted Disk is a cen trally m an aged proactive rem ote
laptop security solution
It en sures the in tellectual property, im portan t in form ation an d
con fiden tial data stored on your rem ote laptops is secure
Protect rem ote users from data security threats by en cryptin g
sen sitive in form ation an d preven tin g un authorized access to
im portan t an d con fiden tial files
p
XTool En crypted Disk:
Screen shot
XTool Asset Auditor
XTool Asset Auditor is a cen trally m an aged auditin g
service
It uses a low ban dwidth agen t to rem otely collect
in form ation about hardware com pon en ts, software
in stalled an d application usage
in stalled an d application usage
XTool Rem ote Delete
The XTool Rem ote Delete en ables users to rem otely an d
y
securely delete sen sitive data to preven t un authorized
access to im portan t an d con fiden tial files
It m in im izes data security breaches
It provides a feedback that con firm s what files were foun d
an d deleted from the target com puter
XTool Rem ote Delete:
Screen shot
Securin g from Physical Laptop
Thefts
Thefts
Use Rem ote Laptop Security to preven t access to the secured data
secured data
Use a dockin g station
• Dockin g station perm an en tly affixes the laptop to the desktop an d also locks the laptop securely at on e place
Eject the PCMCIA NIC cards when the laptop is n ot in use j p p
Use a person al firewall to the laptop
Use security gadgets like m otion detection an d alarm s to alert you when the laptop is m oved by a third party
H ardware Security for Laptops
Security cable lockin g devices fix the laptop
y
g
p
p
to an im m ovable object
Cable alarm s alert the user at the tim e of
m alicious activities
Key lock locks down the laptop to the
surface where it is m ost used
A rem ote con trol storage case is used for
the laptops to protect from thefts
Protectin g the Sen sitive Data
Use the NTFS file system which provides file level security an d protects from laptop thieves
Disable the Guest Accoun t
Ren am e the Adm in istrator Accoun t
Con sider creatin g a dum m y Adm in istrator accoun t
P t th l t l d i f b i di l d
Prevent the last logged-in user n am e from bein g displayed
En able EFS (En cryptin g File System )
Disable the In frared Port on the laptop
Backup the data before leavin g
Preven tin g Laptop Com m un ication s
from Wireless Threats
En ablin g Wired Equivalen t Privacy (WEP) / Wi-Fi Protected
A (WPA) h i l k
Access (WPA) on the wireless n etwork
MAC address con trol allows the wireless con n ection s from
d h dd i d i h fil
MAC card whose MAC address is stored in the filter
En d to en d en cryption where the con versation is in the en crypted m ode
VPN (Virtual Private Network) protects the in form ation tran sm itted over wireless lin ks
Protectin g the Stolen Laptops
from Bein g Used
from Bein g Used
Set the BIOS password which preven ts the m achin e from
ti i ith th ti h th d i i t f
con tin uin g with the operation s when the password is in correct for three con secutive attem pts
Set Login password to successfully login to the com puter Set Login password to successfully login to the com puter
En cryptin g the file system En cryptin g the file system
Use Biom etric authen tication m echan ism (such as, fin gerprin t
d f d l d
reader, face reader, retin al pattern reader etc.)
Security Tips
In stall an ti-virus software an d firewalls
Use cable locks on laptops as visual deterren ts
Use asset trackin g an d recovery software
I t i d d d t t ti In vest in advan ced data protection
Back-up valuable data on a scheduled basis
Keep laptops un n oticeable Keep laptops un n oticeable
Avoid leavin g un secured n otebooks un atten ded
En crypt your data En crypt your data
Never leave access n um bers or passwords in your carryin g case
Use alarm bells
Sum m ary
Crim in als target laptops for quick profits an d m isuse of the Crim in als target laptops for quick profits an d m isuse of the con fiden tial data
In terception an d m on itorin g wireless traffic through various sn iffer p g g tools an d in terception software
MAC address con trol allows the wireless con n ection s from MAC card whose MAC address is stored in the filter
WPA is used as an exten sive level of security for wireless LAN’s WPA is used as an exten sive level of security for wireless LAN s
Face Recogn ition techn ology is used to access the laptop by
i i h f h d
